Ssl
in package
SSL utilities for Requests
Collection of utilities for working with and verifying SSL certificates.
Table of Contents
Methods
- match_domain() : bool
- Match a hostname against a dNSName reference
- verify_certificate() : bool
- Verify the certificate against common name and subject alternative names
- verify_reference_name() : bool
- Verify that a reference name is valid
Methods
match_domain()
Match a hostname against a dNSName reference
public
static match_domain(string|Stringable $host, string|Stringable $reference) : bool
Parameters
- $host : string|Stringable
-
Requested host
- $reference : string|Stringable
-
dNSName to match against
Tags
Return values
bool —Does the domain match?
verify_certificate()
Verify the certificate against common name and subject alternative names
public
static verify_certificate(string|Stringable $host, array<string|int, mixed> $cert) : bool
Unfortunately, PHP doesn't check the certificate against the alternative names, leading things like 'https://www.github.com/' to be invalid.
Parameters
- $host : string|Stringable
-
Host name to verify against
- $cert : array<string|int, mixed>
-
Certificate data from openssl_x509_parse()
Tags
Return values
boolverify_reference_name()
Verify that a reference name is valid
public
static verify_reference_name(string|Stringable $reference) : bool
Verifies a dNSName for HTTPS usage, (almost) as per Firefox's rules:
- Wildcards can only occur in a name with more than 3 components
- Wildcards can only occur as the last character in the first component
- Wildcards may be preceded by additional characters
We modify these rules to be a bit stricter and only allow the wildcard character to be the full first component; that is, with the exclusion of the third rule.
Parameters
- $reference : string|Stringable
-
Reference dNSName
Tags
Return values
bool —Is the name valid?